| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Problems found with existing digests:
Package nhc98 distfile nhc98src-1.22.tar.gz
a8adc8f22371998ee0657bc0e01058a57d876abc [recorded]
81975fcb5f1dda5efeaabc30ce8c6dceae55e591 [calculated]
Problems found locating distfiles:
Package gcc-aux: missing distfile ada-bootstrap.i386.dragonfly.36A.tar.bz2
Package gcc-aux: missing distfile ada-bootstrap.i386.freebsd.84.tar.bz2
Package gcc-aux: missing distfile ada-bootstrap.x86_64.dragonfly.36A.tar.bz2
Package gcc-aux: missing distfile ada-bootstrap.x86_64.freebsd.84.tar.bz2
Package gcc-aux: missing distfile ada-bootstrap.x86_64.solaris.511.tar.bz2
Package gcc5-aux: missing distfile ada-bootstrap.i386.dragonfly.36A.tar.bz2
Package gcc5-aux: missing distfile ada-bootstrap.i386.freebsd.84.tar.bz2
Package gcc5-aux: missing distfile ada-bootstrap.x86_64.dragonfly.36A.tar.bz2
Package gcc5-aux: missing distfile ada-bootstrap.x86_64.freebsd.84.tar.bz2
Package gcc5-aux: missing distfile ada-bootstrap.x86_64.solaris.511.tar.bz2
Package ghc7: missing distfile ghc-7.6.3-boot-i386-unknown-freebsd.tar.xz
Package icc11: missing distfile l_cproc_p_11.1.080.tgz
Package jini: missing distfile jini-1_2_1_001-src.zip
Package oo2c: missing distfile oo2c_32-2.0.11.tar.bz2
Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-freebsd-10-amd64-20150301.tar.xz
Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-5-i386-20150301.tar.xz
Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-6-i386-20150301.tar.xz
Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-earmv6hf-20150306.tar.xz
Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-sparc64-20150301.tar.xz
Package openjdk7: missing distfile openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.8-amd64-20140719.tar.bz2
Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-freebsd-10-amd64-20150301.tar.xz
Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-5-i386-20150301.tar.xz
Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-6-i386-20150301.tar.xz
Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-earmv6hf-20150306.tar.xz
Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-sparc64-20150301.tar.xz
Package openjdk8: missing distfile openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.8-amd64-20140719.tar.bz2
Package oracle-jdk8: missing distfile jdk-8u60-linux-i586.tar.gz
Package oracle-jdk8: missing distfile jdk-8u60-solaris-x64.tar.gz
Package oracle-jre8: missing distfile jre-8u60-linux-i586.tar.gz
Package oracle-jre8: missing distfile jre-8u60-solaris-x64.tar.gz
Package sun-jdk6: missing distfile jdk-6u45-linux-i586.bin
Package sun-jdk6: missing distfile jdk-6u45-solaris-i586.sh
Package sun-jdk7: missing distfile jdk-7u72-linux-i586.tar.gz
Package sun-jdk7: missing distfile jdk-7u72-solaris-i586.tar.gz
Package sun-jre6: missing distfile jce_policy-6.zip
Package sun-jre6: missing distfile jre-6u45-linux-x64.bin
Package sun-jre6: missing distfile jre-6u45-solaris-x64.sh
Package sun-jre7: missing distfile jre-7u72-linux-i586.tar.gz
Package sun-jre7: missing distfile jre-7u72-solaris-i586.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
|
|
output, going from this:
openjdk version "1.7.0-internal"
to this:
openjdk version "1.7.0_80-internal"
This matches the behaviour of sun-jre, and fixes software such as Logstash
and Jira which expect it to be included. Bump PKGREVISION.
|
|
* Pull in patch from MacPorts to handle 10.11 SDK header issue
with fixincludes.
* Backport upstream bugfix for GCC bug 66523, fixing an issue
with Xcode 7.
* Pull in --with-build-config=bootstrap-debug change from FreeBSD
ports to fix bootstrap compare issue seen with clang / Xcode 7.
|
|
Changelog:
http://www.oracle.com/technetwork/java/javase/8u66-relnotes-2692847.html
New Features and Changes
The following are some of the notable new features and changes in this release:
Support ISO 4217 "Current funds codes" table (A.2)
This enhancement adds support for ISO 4217 table A.2 fund codes. Previously the JDK only supported those currencies listed in table A.1.
See JDK-8074350.
Bug Fixes
This release contains fixes for security vulnerabilities. For more information, see Oracle Critical Patch Update Advisory. For a list of bug fixes included in this release, see JDK 8u66 Bug Fixes page.
The following are some of the notable bug fixes included in this release:
Hotspot should use PICL interface to get cacheline size on SPARC The libpicl library is now required on Solaris/SPARC to determine the size of the cache lines. In case the library is not present or the PICL service is not available the JVM will display a warning and compiler optimizations that utilize the BIS (Block Initializing Store) instruction will be turned off.
See JDK-8056124.
Preloading libjsig.dylib causes deadlock when signal() is called
Applications need to preload the libjsig library to enable signal chaining. Previously, on OS X, after libjsig.dylib was preloaded, any call from native code to signal() caused a deadlock. This has been corrected.
See JDK-8072147.
VM crash when class is redefined with Instrumentation.redefineClasses
The JVM could crash when a class was redefined with Instrumentation.redefineClasses(). The crash could either be a segmentation fault at SystemDictionary::resolve_or_null, or an internal error with the message "tag mismatch with resolution error table". This has now been fixed .
See JDK-8076110.
JDK-8087201 client-libs 2D
OGL: rendering of lcd text is slow
JDK-8130938 client-libs 2D [solaris] Incomplete 8ux fix for 8071710: libfontmanager & t2k should link against headless awt on solaris
JDK-8037371 client-libs java.awt [macosx] Test closed/java/awt/dnd/ImageTransferTest/ImageTransferTest.html fails
JDK-8131752 client-libs java.awt [Regression] Test java/awt/GraphicsDevice/CheckDisplayModes.java fails
JDK-8134453 client-libs javax.accessibility JAWS crashes in WindowsAccessBridge.DLL on 32 bit 8u60 running on 32 bit Win 7
JDK-8134403 core-libs jdk.nashorn Nashorn react.js benchmark performance regression
JDK-8079618 deploy plugin AccessControlException with deployment cache and RMI
JDK-8135116 globalization translation [de] Missing the link of license agreement
JDK-6904403 hotspot jvmti assert(f == k->has_finalizer(),"inconsistent has_finalizer") with debug VM
JDK-8048353 hotspot runtime jstack -l crashes VM when a Java mirror for a primitive type is locked
JDK-8072147 hotspot runtime Preloading libjsig.dylib causes deadlock when signal() is called
JDK-8076110 hotspot runtime VM crash when class is redefined with Instrumentation.redefineClasses
JDK-8133191 install NVDA screen reader and JAWS can't read the "Look and Feel" Selections.
JDK-8078495 security-libs org.ietf.jgss:krb5 End time checking for native TGT is wrong
JDK-8131907 xml jaxp Numerous threads lock during XML processing while running Weblogic 12.1.3
Fixed securty bugs:
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4835
CVE-2015-4881
CVE-2015-4843
CVE-2015-4883
CVE-2015-4860
CVE-2015-4805
CVE-2015-4844
CVE-2015-4901
CVE-2015-4868
CVE-2015-4810
CVE-2015-4806
CVE-2015-4871
CVE-2015-4902
CVE-2015-4840
CVE-2015-4882
CVE-2015-4842
CVE-2015-4734
CVE-2015-4903
CVE-2015-4803
CVE-2015-4893
CVE-2015-4911
CVE-2015-4872
CVE-2015-4906
CVE-2015-4916
CVE-2015-4908
|
|
|
|
29 Oct 2015, PHP 5.6.15
- Core:
. Fixed bug #70681 (Segfault when binding $this of internal instance method
to null). (Nikita)
. Fixed bug #70685 (Segfault for getClosure() internal method rebind with
invalid $this). (Nikita)
- Date:
. Fixed bug #70619 (DateTimeImmutable segfault). (Laruence)
- Mcrypt:
. Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was
specified under RC4). (Nikita)
- Mysqlnd:
. Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server).
(Andrey)
. Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi)
- Opcache:
. Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer).
(Laruence)
. Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). (Laruence)
. Fixed bug #70601 (Segfault in gc_remove_from_buffer()). (Laruence)
. Fixed compatibility with Windows 10 (see also bug #70652). (Anatol)
|
|
Patch provided by Olaf 'Rhialto' Seibert via PR pkg/50371.
Changes:
Version 2.8.2, October 2015
* Several bug fixes.
* Cleaner interface for command line arguments
through routines a68gargc and a68gargv.
Version 2.8.1, January 2015
* Update source code for recent versions of gcc, autoconf, automake and TeX.
* Documentation updates.
|
|
|
|
test and will handle libgcc itself as appropriate.
|
|
|
|
because this is a GNU configure script and without it we do not get
config.{sub,guess} overrides.
Instead, pass --disable-option-checking to the configure script so that
unrecognized options that appear when using pkgsrc iconv are discarded.
|
|
|
|
|
|
- Fixed: Assertion error in WeakCallback - see #3329
- Fixed: Undefined timeout regression - see #3331
|
|
available.
|
|
only. Fixes build on Linux.
|
|
so we don't get a stale java.core in pkgdb.
|
|
|
|
|
|
already be in place, except in the configure script) now that openbsd
has threads.
|
|
1.10.0
------
- Issue #122: Improve the performance of `six.int2byte` on Python 3.
- Pull request #55 and issue #99: Don't add the `winreg` module to `six.moves`
on non-Windows platforms.
- Pull request #60 and issue #108: Add `six.moves.getcwd` and
`six.moves.getcwdu`.
- Pull request #64: Add `create_unbound_method` to create unbound methods.
|
|
|
|
|
|
Adapt some packages so they build with that.
Bump their PKGREVISIONs.
|
|
Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
|
|
Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
|
|
Set PKG_CONFIG to empty as it removes reference to the build directory.
Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
Fix typo in comment s/refrect/reference.
Reviewed by taca@ wiz@
|
|
Set PKG_CONFIG to empty as it removes reference to the build directory.
Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
Fix typo in comment s/refrect/reference.
Set shell used during configure stage to bash on OpenBSD & Bitrig
due to pdksh incompatibility.
Reviewed by taca@ wiz@
|
|
Set PKG_CONFIG to empty as it removes reference to the build directory.
Add checks for the presence of SSLv3 in OpenSSL/LibreSSL - obtained from
http://www.libressl.org/patches.html
Fix typo in comment s/refrect/reference.
Reviewed by taca@ wiz@
|
|
The first Node.js LTS release! See https://github.com/nodejs/LTS/
for details of the LTS process.
- Added new -c (or --check) command line argument for checking script
syntax without executing the code
- Added process.versions.icu to hold the current ICU library versio
- Added process.release.lts to hold the current LTS codename when
the binary is from an active LTS release line
- npm: Upgraded to npm 2.14.7 from 2.14.4, see release notes
for full details
See full release notes incl. commit log:
https://nodejs.org/en/blog/release/v4.2.0/
|
|
Changelog:
All platforms:
MAJOR CHANGE: All platforms now use a uniform graphical user
interface, based on the wxWidgets library. A very simple editor
is part of the package, no more external editor. This GUI is,
so far, rather primitive, but provides a framework that should
allow for many improvements relatively soon. There is a single
Logo window that can be in fullscreen, splitscreen, or textscreen
mode, like traditional Logo versions.
INCOMPATIBLE CHANGE: RGB color lists, as used by PALETTE,
SETPALETTE, etc., now take integer or non-integer values between
0 and 100 rather than integers between 0 and 65535. I don't like
incompatible changes, but having now actually tried teaching kids
with Berkeley Logo, I've learned that they have trouble understanding
the old system; their colors all come out near-black.
New commands PRINTPICT and PRINTTEXT to print the graphics and
text screens, respectively. If called with an argument (in
parentheses), they print preview instead. (wxWidgets only)
New commands INCREASEFONT and DECREASEFONT to make the text window
font one size bigger or smaller, SETTEXTSIZE to set the absolute
size, SETLABELHEIGHT to adjust graphics-window text size, and
SETFONT to set the font name for all windows. (wxWidgets only)
SETTEXTCOLOR (SETTC) command, formerly just in DOS version, works
on all platforms. It takes two color number or RGB lists as inputs,
first the text color, then the text background color. (wxWidgets only)
New command FILLED takes two arguments, a color and an instruction
list. The instructions should draw a simple closed curve (but if
not closed, FILLED will add a turtle move back to the starting
point). The instructions are carried out, and then the area
enclosed by the curve is filled using the given color, regardless
of other lines that might intersect that area. (wxWidgets only)
Special variable BUTTONACT, if defined and nonempty, is an instruction
list to be run when the user presses a mouse button. Special variable
KEYACT, if ditto, is to be run when the user presses a key on the
keyboard. It is the responsibility of the user code to handle the
problem of a second mouse/keypress during the running of these
instructions. New operation CLICKPOS outputs the position of the
mouse at the moment when the mouse button was pressed. BUTTON
outputs which button was most recently pressed, or zero if no button
was pressed since the last call to BUTTON. (BUTTONP still reflects
the actual current button status.) (wxWidgets only)
The workspace management procedures (PO, TEXT, HELP, etc.) look
in the library before deciding whether the name you give exists
as a procedure or not, just the way running the procedure does.
This is an incompatible change!
The procedure formerly named BACKSLASHEDP or BACKSLASHED? is now
called VBARREDP or VBARRED?, to reflect a longstanding change in
its meaning. The old names are retained in the Logo library for
backward compatibility.
A command line argument consisting of just a hyphen means that all
following command line arguments should be collected in a list,
instead of taken as filenames to load. The list can be seen in
the buried variable :COMMAND.LINE
Logo looks in its library directory (e.g., /usr/local/lib/logo/logolib)
for a file startup.lg, and runs it if found, before looking in the
user's current directory for startup.lg and running that.
A vertical bar that comes after a semicolon doesn't require a
matching vertical bar to end the line.
Fixed a garbage collector bug (although I don't know why it was
a bug, alas).
The buffer for saving pictures (for SAVEPICT and EPSPICT and for
restoring the graphics window after it's hidden) has no size limit.
INVOKE is a macro, so (INVOKE [IF ? < 0 [OUTPUT "NEGATIVE]] :X)
will output from the caller, rather than from INVOKE.
Improved error message "Runlist %s has more than one expression"
for the case of a macro seen where an expression (that outputs a
value) is needed: PRINT RUN [PRINT "A PRINT "B].
One-pixel moves from drawing turtle aren't saved in SAVEPICT buffer.
(1 2 3) gives error message instead of blowing up.
PRINT [~] (bracket after tilde) works (no line continuation).
The check for END inside a multi-line instruction is correctly
internationalized.
APPLY [[][]] [] no longer crashes.
APPLY copies the arg list, so the original list can't be modified
by changes to the inputs (e.g., after an error).
Better error message (don't know how) for too much inside parens
and also the first one isn't a procedure name.
Better error message for STOP or OUTPUT during a PAUSE.
Fixed bug crashing backquote (`) in case of `[[,[...] ...]]
Fixed bug giving "out of bounds" message for line just on screen edge.
Fixed bug that ignored TEST outside of a procedure.
Turtle is invisible during drawing (to speed it up).
|
|
|
|
only. Fixes build on Linux.
|
|
Reviewed by: wiz@
|
|
of libverify with certain compilers.
|
|
This release includes a fix for CVE-2015-7384, a Denial of Service
(DoS) bug. All users of Node.js v4.x should upgrade to v4.1.2.
http:
- Fix out-of-order 'finish' event bug in pipelining that can abort
execution, fixes DoS vulnerability CVE-2015-7384
- Account for pending response data instead of just the data on
the current request to decide whether pause the socket or not
libuv:
- Upgraded from v1.7.4 to v1.7.5, see release notes for details
- A better rwlock implementation for all Windows versions
- Improved AIX support
v8:
- Upgraded from v4.5.103.33 to v4.5.103.35
- Backported f782159 from v8's upstream to help speed up Promise
introspection
- Backported c281c15 from v8's upstream to add JSTypedArray length
in post-mortem metadata
|
|
|
|
Upstream changes:
Version 2.769, July 4, 2015
Fixing two bugs under Windows:
print color under windows handles single argument correctly
cpu extension sse2 is no longer required, so yabasic should run again on older hardware
Version 2.768, May 25, 2014
Fixing some bugs under Windows and Linux:
Core dump e.g. under Linux mint related with grafics
Problems with embedded newlines within the Windows console
Keys pressed within grafic window are not always reported to inkey$ (Windows-Version)
Spurios problems with colors under Windows and linux (reported but not fixed yet)
|
|
|
|
01 Oct 2015, PHP 5.6.14
- Core:
. Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when
building extensions). (Adam)
- CLI server:
. Fixed bug #68291 (404 on urls with '+'). (cmb)
- DOM:
. Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity
encoding). (cmb)
- Mysqlnd:
. Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when connecting to
a server). (Sergei Turchanov)
- OpenSSL:
. Fixed bug #55259 (openssl extension does not get the DH parameters from
DH key resource). (Jakub Zelenka)
. Fixed bug #70395 (Missing ARG_INFO for openssl_seal()). (cmb)
. Fixed bug #60632 (openssl_seal fails with AES). (Jakub Zelenka)
. Fixed bug #68312 (Lookup for openssl.cnf causes a message box). (Anatol)
- PDO:
. Fixed bug #70389 (PDO constructor changes unrelated variables). (Laruence)
- Phar:
. Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
. FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip
entry filename is "/"). (Stas)
- Phpdbg:
. Fix phpdbg_break_next() sometimes not breaking. (Bob)
- Standard:
. Fixed bug #67131 (setcookie() conditional for empty values not met). (cmb)
- Streams:
. Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive connections).
(Niklas Keller)
- Zip:
. Fixed bug #70322 (ZipArchive::close() doesn't indicate errors). (cmb)
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
** PHP 5.5 is in security-only mode , please do not commit to this branch **
01 Oct 2015, PHP 5.5.30
- Phar:
. Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
. FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip
entry filename is "/"). (Stas)
|
|
Move into PLIST.prof, fix build on several platforms.
|
|
Changelog:
From: https://www.java.com/en/download/faq/release_changes.xml
Java 8 Update 60 (8u60)
Release Highlights
IANA Data 2015e
JDK 8u60 contains IANA time zone data version 2015e. For more information, refer to Timezone Data Versions in the JRE Software.
Bug Fix: dns_lookup_realm should be false by default
The dns_lookup_realm setting in Kerberos' krb5.conf file is by default false. See 8080637.
Bug Fix: Disable RC4 cipher suites
RC4-based TLS ciphersuites (e.g. TLS_RSA_WITH_RC4_128_SHA) are now considered compromised and should no longer be used (see RFC 7465). Accordingly, RC4-based TLS ciphersuites have been deactivated by default in the Oracle JSSE implementation by adding "RC4" to "jdk.tls.disabledAlgorithms" security property, and by removing them from the default enabled ciphersuites list. These cipher suites can be reactivated by removing "RC4" form "jdk.tls.disabledAlgorithms" security property in the java.security file or by dynamically calling Security.setProperty(), and also readding them to the enabled ciphersuite list using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. You can also use the -Djava.security.properties command line option to override the jdk.tls.disabledAlgorithms security property. For example:
java -Djava.security.properties=my.java.security ...
where my.java.security is a file containing the property without RC4:
jdk.tls.disabledAlgorithms=SSLv3
Even with this option set from commandline, the RC4 based ciphersuites need to be re-added to the enabled ciphersuite list by using the SSLSocket/SSLEngine.setEnabledCipherSuites() methods. See 8076221.
Bug Fix: Support keystore type detection for JKS and PKCS12 keystores
Keystore Compatibility Mode: To aid interoperability, the Java keystore type JKS now supports keystore compatibility mode by default. This mode enables JKS keystores to access both JKS and PKCS12 file formats. To disable keystore compatibility mode set the Security property keystore.type.compat to the string value false. See 8062552.
Bug Fix: Deprecate Unsafe monitor methods in JDK 8u release
The methods monitorEnter, monitorExit and tryMonitorEnter on sun.misc.Unsafe are marked as deprecated in JDK 8u60 and will be removed in a future release. These methods are not used within the JDK itself and are very rarely used outside of the JDK. See 8069302.
Bug Fix: Extract JFR recording from the core file using SA
DumpJFR is a Serviceability Agent based tool that can be used to extract Java Flight Recorder(JFR) data from the core files and live Hotspot processes. DumpJFR can be used in one of the following methods:
Attach DumpJFR to a live process:
java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <pid>
Attach DumpJFR to a core file:
java -cp $JAVA_HOME/lib/sa-jdi.jar sun.jvm.hotspot.tools.DumpJFR <java> <core>
DumpJFR tool dumps the JFR data to a file called recording.jfr in the current working folder. See 8065301 (not public).
Bug Fix: Local variables named 'enum' lead to spurious compiler crashes
The javac parser is incorrectly parsing local variables with name 'enum'; this results in spurious failures when a program containing such local variables is compiled with a 'source' flag corresponding to a release in which the enum construct is not available (such as '-source 1.4'). See 8069181.
Java Development Kit for ARM Release 8u60
This release includes Java Development Kit for ARM Release 8u60 (JDK 8u60 for ARM). For ARM device support information, see JDK for ARM Downloads page. For system requirements, installation instructions and troubleshooting tips, see Installation Instructions page.
Limitation: Native Memory Tracking support is limited in JDK for ARM. The java command line option XX:NativeMemoryTracking=detail is not supported for ARM targets (an error message is displayed to user). Instead, use the following option:
XX:NativeMemoryTracking=summary
Documentation Updates due to Nashorn Enhancements
JDK 8u60 includes new enhancements to Nashorn. As a result the following documentation changes should be read in conjunction with the current Nashorn documentation:
Addition: In the previous section, we mentioned that every JavaScript object when exposed to Java APIs implements the java.util.Map interface. This is true even for JavaScript arrays. However, this behavior is often not desired or expected when the Java code expects JSON-parsed objects. Java libraries that manipulate JSON-parsed objects usually expect arrays to expose the java.util.List interface instead. If you need to expose your JavaScript objects so that arrays are exposed as lists and not maps, you can use the Java.asJSONCompatible(obj) function, where obj is the root of your JSON object tree.
Correction: The caution mentioned at the end of Mapping Data Types section, is no longer applicable. Nashorn ensures that internal JavaScript strings are converted to java.lang.String when exposed externally.
Correction: The statement in the section Mapping Data Types, that mentions "For example, arrays must be explicitly converted,..." is not correct. Arrays are automatically converted to Java array types, such as java.util.List, java.util.Collection, java.util.Queue and java.util.Deque and so on.
Changes in Deployment Rule Set v1.2
JDK 8u60 implements Deployment Rule Set (DRS) 1.2, which includes the following changes:
Add "checksum" element as sub element of "id" which can allow unsigned jars to be identified by the SHA-256 checksum of the uncompressed form of a jar:
The "checksum" element will match only unsigned jars, and the given hash will be compared only against the uncompressed form of the jar.
The "checksum" element (similar to "certificate" element) has two arguments "hash" and "algorithm", however, unlike "certificate" element, the only supported value for "algorithm" is "SHA-256". Any other value provided will be ignored.
Allow "message" element to apply to all rule types, where previously it only applied to a block rule:
In a run rule, a message sub element will cause a message dialog to be displayed where without a run rule, the default behavior would be to show certificate or unsigned dialog. The message will be displayed in the message dialog.
In a default rule, the message will only be displayed if the default action is to block. In such a case the message will be included in the block dialog.
Echo "customer" blocks in the Java Console, trace files, and Java Usage Tracker records.
Previous to DRS 1.2, "customer" elements could be included (with any sub-elements) in the ruleset.xml file. This element and all its sub elements are ignored. In DRS 1.2, the elements are still functionally ignored. However:
When parsing the ruleset.xml file, all "customer" blocks will be echoed to the Java Console and deployment trace file (if Console and Tracing are enabled).
When using a rule, all "customer" records included within that rule will be added to the Java Usage Tracker (JUT) record (if JUT is enabled).
As a result of the above changes, the DTD for DRS 1.2 is as follows:
<!ELEMENT ruleset (rule*)>
<!ATTRIBUTE ruleset href CDATA #IMPLIED>
<!ATTRIBUTE ruleset version CDATA #REQUIRED>
<!ELEMENT rule (id, action)>
<!ELEMENT id (certificate?) (checksum?) >
<!ATTRIBUTE id title CDATA #IMPLIED>
<!ATTRIBUTE id location CDATA #IMPLIED>
<!ELEMENT certificate EMPTY>
<!ATTLIST certificate algorithm CDATA #IMPLIED>
<!ATTLIST certificate hash CDATA #REQUIRED>
<!ELEMENT checksum EMPTY>
<!ATTLIST checksum algorithm CDATA #IMPLIED>
<!ATTLIST checksum hash CDATA #REQUIRED>
<!ELEMENT action (message?)>
<!ATTRIBUTE permission (run | block | default) #REQUIRED>
<!ATTRIBUTE version CDATA #IMPLIED>
<!ATTRIBUTE force (true|false) "false">
<!ELEMENT message (#PCDATA)>
<!ATTLIST message locale CDATA #IMPLIED>
Java Expiration Date
The expiration date for 8u60 is October 20, 2015. Java expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires this JRE (version 8u60) on November 20, 2015. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version.
Bug Fixes
For a list of bug fixes included in this release, see JDK 8u60 Bug Fixes page.
|
|
|
|
* Missing ruby22 and related.
* Update description of RUBY_SUFFIX.
|
|
|
|
|
